chore(deps): bump axios to 1.12.0 and next to 15.4.7 - security updates #727
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…updates Bumps the npm_and_yarn group with 2 updates in the / directory: [axios](https://github.com/axios/axios) and [next](https://github.com/vercel/next.js). Bumps the npm_and_yarn group with 1 update in the /packages/docs directory: [next](https://github.com/vercel/next.js). Updates `axios` from 1.9.0 to 1.12.0 - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](axios/axios@v1.9.0...v1.12.0) Updates `next` from 15.3.2 to 15.4.7 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](vercel/next.js@v15.3.2...v15.4.7) Updates `next` from 15.3.2 to 15.4.7 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](vercel/next.js@v15.3.2...v15.4.7) --- updated-dependencies: - dependency-name: axios dependency-version: 1.12.0 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: next dependency-version: 15.4.7 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: next dependency-version: 15.4.7 dependency-type: direct:production dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <[email protected]>
…1-4ffe-942c-5072231cf09d Security: Dependabot detected security error. It has been fixed.
…npm_and_yarn-13ab244669 chore(deps): bump the npm_and_yarn group across 2 directories with 2 updates
|
@EthanThePhoenix38 is attempting to deploy a commit to the motia Team on Vercel. A member of the Team first needs to authorize it. |
There was a problem hiding this comment.
Pull Request Overview
This PR updates critical dependencies to address security vulnerabilities, specifically bumping axios to version 1.12.0 and Next.js to version 15.4.7 across the project.
- Updated axios from versions 1.8.2/1.9.0 to 1.12.0 for security fixes
- Updated Next.js from 15.3.2 to 15.4.7 for security improvements
- Applied updates consistently across root and package directories
Reviewed Changes
Copilot reviewed 3 out of 4 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
| package.json | Updated axios from 1.9.0 to 1.12.0 in root dependencies |
| packages/snap/package.json | Updated axios from 1.8.2 to 1.12.0 in snap package |
| packages/docs/package.json | Updated Next.js from 15.3.2 to 15.4.7 in docs package |
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
|
Hey @EthanThePhoenix38 Thanks for your PR, We'll review this very soon and get back to you. Thanks again. |
|
Hi, |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
This PR updates critical dependencies to address security vulnerabilities detected by Dependabot. The updates include axios and Next.js across multiple directories.
Type of Change
Changes Made
axiosfrom 1.9.0 to 1.12.0 in root directorynextfrom 15.3.2 to 15.4.7 in root directorynextfrom 15.3.2 to 15.4.7 in/packages/docsdirectorySecurity Fixes
This update addresses security vulnerabilities in the following packages:
Testing
Additional Context
This is an automated security update generated by Dependabot and reviewed by Copilot. The changes are backward compatible and focus on security improvements without breaking existing functionality.
Release Notes:
Checklist